Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/3_CumXJFY0DBejQkFUVkzCF3-5E.roa
File: 3_CumXJFY0DBejQkFUVkzCF3-5E.roa (raw, json)
Hash identifier: 2DlbALZilAVymorjMNDzf6+Z1j20OppipK4ND4bSbiY=
Subject key identifier: DF:F0:AE:99:72:45:63:40:C1:7A:34:24:15:45:64:CC:21:77:FB:91
Certificate issuer: /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial: 018CC34898AA9AAEEF2F03883492EC4D2AD2
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/3_CumXJFY0DBejQkFUVkzCF3-5E.roa
Signing time: Mon 01 Jan 2024 04:29:23 +0000
ROA not before: Mon 01 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8437
IP address blocks: 62.218.100.0/24 maxlen: 24
178.114.0.0/16 maxlen: 16
62.218.52.0/24 maxlen: 24
178.114.92.0/22 maxlen: 22
178.114.96.0/20 maxlen: 20
178.114.112.0/20 maxlen: 20
178.114.128.0/21 maxlen: 21
213.235.196.0/24 maxlen: 24
213.235.192.0/18 maxlen: 18
62.218.164.0/24 maxlen: 24
62.218.165.0/24 maxlen: 24
62.218.169.0/24 maxlen: 24
62.218.168.0/24 maxlen: 24
62.218.174.0/24 maxlen: 24
62.218.175.0/24 maxlen: 24
46.57.0.0/17 maxlen: 17
195.96.0.0/19 maxlen: 19
86.59.0.0/17 maxlen: 17
62.116.64.0/18 maxlen: 18
213.129.224.0/19 maxlen: 19
213.90.0.0/17 maxlen: 17
62.218.4.0/24 maxlen: 24
62.218.0.0/16 maxlen: 16
195.248.32.0/19 maxlen: 19
77.118.240.0/20 maxlen: 20
81.189.213.0/24 maxlen: 24
81.189.212.0/22 maxlen: 22
81.189.212.0/24 maxlen: 24
81.189.215.0/24 maxlen: 24
81.189.214.0/24 maxlen: 24
91.186.128.0/19 maxlen: 19
77.119.32.0/19 maxlen: 19
178.115.96.0/24 maxlen: 24
178.115.98.0/24 maxlen: 24
178.115.96.0/19 maxlen: 19
77.118.192.0/20 maxlen: 20
188.118.192.0/18 maxlen: 18
77.118.208.0/20 maxlen: 20
212.152.128.0/17 maxlen: 17
77.118.224.0/21 maxlen: 21
77.118.232.0/21 maxlen: 21
78.142.128.0/18 maxlen: 18
62.116.0.0/19 maxlen: 19
77.119.96.0/22 maxlen: 22
77.119.112.0/22 maxlen: 22
77.119.64.0/18 maxlen: 18
77.119.80.0/21 maxlen: 21
77.119.88.0/21 maxlen: 21
46.57.124.0/22 maxlen: 22
46.57.120.0/22 maxlen: 22
178.114.192.0/21 maxlen: 21
77.118.32.0/21 maxlen: 21
77.118.48.0/21 maxlen: 21
178.114.208.0/21 maxlen: 21
178.114.216.0/21 maxlen: 21
77.118.56.0/21 maxlen: 21
212.27.64.0/18 maxlen: 18
178.114.224.0/20 maxlen: 20
81.189.0.0/16 maxlen: 16
46.57.72.0/22 maxlen: 22
178.114.144.0/21 maxlen: 21
46.57.80.0/21 maxlen: 21
178.114.152.0/21 maxlen: 21
46.57.88.0/21 maxlen: 21
178.114.160.0/20 maxlen: 20
46.57.96.0/21 maxlen: 21
213.235.234.0/24 maxlen: 24
195.70.224.0/19 maxlen: 19
77.118.0.0/16 maxlen: 16
46.57.104.0/22 maxlen: 22
178.114.176.0/20 maxlen: 20
77.118.14.0/24 maxlen: 24
77.118.17.0/24 maxlen: 24
46.57.112.0/21 maxlen: 21
77.118.136.0/21 maxlen: 21
77.118.160.0/20 maxlen: 20
77.118.176.0/20 maxlen: 20
178.114.240.0/20 maxlen: 20
77.118.104.0/22 maxlen: 22
77.118.108.0/22 maxlen: 22
77.118.112.0/20 maxlen: 20
77.118.128.0/21 maxlen: 21
2001:858:40::/45 maxlen: 45
2001:858::/32 maxlen: 32
2001:938::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.mft
rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 13:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:98:aa:9a:ae:ef:2f:03:88:34:92:ec:4d:2a:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Validity
Not Before: Jan 1 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dff0ae9972456340c17a3424154564cc2177fb91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:56:70:cf:bd:b9:17:b3:27:85:50:9a:41:b9:
da:be:52:88:25:13:e5:30:c8:8c:a7:9e:96:ff:c6:
ec:6d:19:c2:9e:86:8e:b7:ae:34:39:b4:2a:76:5d:
b2:d7:c2:e3:80:72:b1:7e:bf:73:3d:b0:64:e2:19:
26:e6:64:cc:d2:4d:65:5b:ba:3d:51:47:ba:0e:0e:
a9:db:77:15:b9:c3:12:ff:20:b9:4d:44:0d:5b:ab:
47:ce:4a:c6:47:01:00:01:a0:6a:20:c2:cf:9d:92:
06:c6:dd:65:d7:9e:8b:9d:3f:da:b8:10:c5:e3:7b:
ee:a9:41:29:cd:79:b1:79:d3:db:f6:24:2e:6f:92:
d8:b6:6c:de:70:0e:53:5f:a7:87:a2:84:0a:11:0e:
90:f3:9f:ec:4e:ef:07:e1:e6:77:bd:3a:ed:96:f2:
9a:dc:69:97:16:ee:15:b9:c6:38:6b:c4:df:fd:bc:
f3:65:b7:74:06:61:20:62:0e:22:cd:80:eb:43:5a:
9a:f1:52:fe:24:aa:68:e2:48:d8:4b:45:32:7d:70:
c9:cb:d6:bc:d5:52:53:9b:f1:d2:55:69:eb:e7:ea:
ad:24:3f:d0:52:b3:a2:47:b3:12:86:5f:f3:29:09:
e9:9f:90:f2:45:14:3d:e9:b3:22:09:bc:0d:19:67:
c3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:F0:AE:99:72:45:63:40:C1:7A:34:24:15:45:64:CC:21:77:FB:91
X509v3 Authority Key Identifier:
keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/3_CumXJFY0DBejQkFUVkzCF3-5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.57.0.0/17
62.116.0.0/19
62.116.64.0/18
62.218.0.0/16
77.118.0.0/16
77.119.32.0-77.119.127.255
78.142.128.0/18
81.189.0.0/16
86.59.0.0/17
91.186.128.0/19
178.114.0.0/16
178.115.96.0/19
188.118.192.0/18
195.70.224.0/19
195.96.0.0/19
195.248.32.0/19
212.27.64.0/18
212.152.128.0/17
213.90.0.0/17
213.129.224.0/19
213.235.192.0/18
IPv6:
2001:858::/32
2001:938::/32
Signature Algorithm: sha256WithRSAEncryption
4a:15:10:48:3c:83:44:d3:3d:98:41:2c:b9:5f:6e:c8:32:fb:
68:4f:22:46:ee:04:d2:58:b0:e3:28:bc:fc:0a:c5:a1:d4:4d:
4b:9b:d6:43:65:15:3c:da:36:b0:6c:24:70:56:73:e1:6b:bf:
df:af:f5:75:37:1c:38:a7:1c:91:64:be:f4:79:9d:38:8d:1f:
77:9d:17:e3:e8:52:fd:4d:e3:8d:4f:39:69:64:81:e2:ec:07:
5c:85:14:0e:c9:ba:07:ab:b7:2a:a0:bc:65:ce:c6:e5:90:3d:
71:31:08:73:b3:b8:54:fd:6c:c4:51:b0:ac:d3:ca:7e:72:a0:
73:d3:e4:5c:cf:b4:f0:20:e9:7c:de:c0:60:88:c2:7b:16:94:
da:ce:f2:54:5e:4b:1e:a6:52:be:dc:51:d7:1d:ea:e6:14:b0:
79:a5:3c:62:09:cc:67:71:61:3e:67:ad:6a:cf:62:d0:6b:5d:
38:ad:b9:f5:5a:14:c6:1c:f8:02:88:4b:21:8c:ca:d8:47:e4:
32:1e:e7:0d:23:d2:bc:72:aa:3d:79:36:c2:cb:d2:4a:91:d2:
b9:fc:7d:27:83:55:46:3a:19:6f:3a:76:c3:db:43:bf:97:7a:
ec:59:41:2c:f9:a3:bc:10:e7:32:31:3b:54:c2:ff:11:14:75:
3f:f6:31:36
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzDSJiqmq7vLwOINJLsTSrSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQxOTdmYmJlZTJhMWRjY2I0ZjU1NzIyYTgyMTBkMzEw
NWIwNDIwHhcNMjQwMTAxMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmYwYWU5OTcyNDU2MzQwYzE3YTM0MjQxNTQ1NjRjYzIxNzdmYjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1Zwz725F7MnhVCaQbnavlKIJRPl
MMiMp56W/8bsbRnCnoaOt640ObQqdl2y18LjgHKxfr9zPbBk4hkm5mTM0k1lW7o9
UUe6Dg6p23cVucMS/yC5TUQNW6tHzkrGRwEAAaBqIMLPnZIGxt1l156LnT/auBDF
43vuqUEpzXmxedPb9iQub5LYtmzecA5TX6eHooQKEQ6Q85/sTu8H4eZ3vTrtlvKa
3GmXFu4VucY4a8Tf/bzzZbd0BmEgYg4izYDrQ1qa8VL+JKpo4kjYS0UyfXDJy9a8
1VJTm/HSVWnr5+qtJD/QUrOiR7MShl/zKQnpn5DyRRQ96bMiCbwNGWfDuQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFN/wrplyRWNAwXo0JBVFZMwhd/uRMB8GA1UdIwQY
MBaAFNudGX+77iodzLT1VyKoIQ0xBbBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMt
NGIyMzk1NmZiZDg2LzEvM19DdW1YSkZZMERCZWpRa0ZVVmt6Q0YzLTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMtNGIyMzk1NmZiZDg2
LzEvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBiQQCAAEwgYIDBAcu
OQADBAU+dAADBAY+dEADAwA+2gMDAE12MAwDBAVNdyADBAdNdwADBAZOjoADAwBR
vQMEB1Y7AAMEBVu6gAMDALJyAwQFsnNgAwQGvHbAAwQFw0bgAwQFw2AAAwQFw/gg
AwQG1BtAAwQH1JiAAwQH1VoAAwQF1YHgAwQG1evAMBQEAgACMA4DBQAgAQhYAwUA
IAEJODANBgkqhkiG9w0BAQsFAAOCAQEAShUQSDyDRNM9mEEsuV9uyDL7aE8iRu4E
0liw4yi8/ArFodRNS5vWQ2UVPNo2sGwkcFZz4Wu/36/1dTccOKcckWS+9HmdOI0f
d50X4+hS/U3jjU85aWSB4uwHXIUUDsm6B6u3KqC8Zc7G5ZA9cTEIc7O4VP1sxFGw
rNPKfnKgc9PkXM+08CDpfN7AYIjCexaU2s7yVF5LHqZSvtxR1x3q5hSweaU8YgnM
Z3FhPmetas9i0GtdOK259VoUxhz4AohLIYzK2EfkMh7nDSPSvHKqPXk2wsvSSpHS
ufx9J4NVRjoZbzp2w9tDv5d67FlBLPmjvBDnMjE7VML/ERR1P/YxNg==
-----END CERTIFICATE-----
Generated at Sun Jun 23 19:06:56 2024 by rpki-client on console-fra.rpki-client.org